Overview

overview

7

Static

static

zloader_1....ir.exe

windows7_x64

7

zloader_1....ir.exe

windows10_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    zloader_1.7.1.0.vir

  • Size

    2.9MB

  • Sample

    200719-8mjhh5waw2

  • MD5

    03915a1f03df164f48ac4dfd04d9c2c4

  • SHA1

    b3668d82afdbf2995c4195973525b0b00b8e21b1

  • SHA256

    7c73619ff8d5e4ed3b29b7ae71a69602df4071fd8c1029f9674e9978cdc03de9

  • SHA512

    5337c6dbc5986470bd4d48919537f4142ea47c08f77f148c223b609e361e8c83c98a55a399fa0e376972d1d379c0dd0bc0185af9e6a4820f9add7b9513576c5f

Score
7/10
evasionpersistencespywaretrojan

Malware Config

Targets

    • Target

      zloader_1.7.1.0.vir

    • Size

      2.9MB

    • MD5

      03915a1f03df164f48ac4dfd04d9c2c4

    • SHA1

      b3668d82afdbf2995c4195973525b0b00b8e21b1

    • SHA256

      7c73619ff8d5e4ed3b29b7ae71a69602df4071fd8c1029f9674e9978cdc03de9

    • SHA512

      5337c6dbc5986470bd4d48919537f4142ea47c08f77f148c223b609e361e8c83c98a55a399fa0e376972d1d379c0dd0bc0185af9e6a4820f9add7b9513576c5f

    Score
    7/10
    persistencespywareevasiontrojan

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Adds Run key to start application

      persistence

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Credentials in Files

1
T1081

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks